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Amendments to the Claims 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing; of Claims: 

Claim 1-14 (canceled) 

Claim 15 (currently amended) A method for detecting and geographically locating 

a rogue user accessing a wireless computer network wirelessly, where the wireless 
computer network comprises a server computer system and a plurality of wireless access 
points via which a wireless computer workstation accesses the server computer system. 
the method comprising: 

deploying a Network Management System (NMS) into the server computer 
system for collecting Media Access Control (MAO. Internet Protocol ( IP) addr e sses of 
computer workstat i ons and access points connected onto the network, and the 
performance characteristics of the c omputer workstations and access points; 

detecting a rogue user by comparing the collected MAC and IP addresses with a 
reference set of va lid addre sses of authorized users, wherein a user with addresses not on 
the reference set is conside red as the rogue user: 

determining the nearest wireless access point serving the rogue user by 
performing a logical AND operation between the collected IP address and the subnet 
mask of the rogue user: 

determining the geog r ap hic al location of the rogue user with reference to the 
nearest wireless access point by a ranking algorithm that derives at least one performance 
index for the rogue user from the collected performance characteristics of the rogue user 
and compares the perfomiance i nd ex of the rogue user with the average of the reference 
performance indices of each island mapped near the nearest access point in a spatial 
performance model pertinent to the time of day of detection: 
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wherein the spatial performance model having a plurality of islands is constructed 
dynamically by the foilovving operations, comprising: 

collecting and mapping out the performance characteristics of wireless 
computer workstations in the plurality of islands in the area covered by the wireless 
access points of the network: 

measuring at least one network performance pai'ameter of the performance 
characteristics for each island, wherein each island shares the same performance 
characteristics; and 

deriving a performance index for each island based on the at least one 
performance parameter to obtain the spatial performance model: and 

alerting the administer of the network for taking security measures against the 
located ro^zue user . 

_pre collecting and-pre m ap ping performa n ee - parameters of w irel ess compute fs 
with re s pect t o at least on e acc QS 5 - point within a geographical area covered by the 
wireless computor - netwoA -t 

obtaining a spat i al - performance model for the geographical area bas e d on th o 
collected performanc o -parametera, the spatial performance model is defined by a 

p l urality ef islands, each isl - and- shares substantially the same performa - Hee 

parameters; 

identifying t h e-user based at least on a M e dia Access Control (MAC) address and 
fetern e t Protocol (IP) address; 

acquiring at least one performance - parameter of the user; 

mapping and matching the at least one p erformance parameter acquired for tho 

user on the spatial perf e rmanee model to identify th e-mate - h e d is land; and 

identifying a geographi ea l-location of the user through t h e matched isla ndr 

Claim 16 (cancelled). 

Claim 17 (currently amended) The method according to claim +6 15, wherein deriving 
the network performance inde x of the rogue user and each island, comprising: 
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obtaining differences between tlie aequii - e d collected performance parameters of 
the rogue user and the performance parameters in the spatial performance model; 
determining a minimum vakie for each difference; 

normalizing the acquired perfomance parameters for each difference to obtain a 
rank number; and 

summing the rank number for each island to obtain the network performance 

index. 

Claim 1 8 (currently amended) The method according to claim +4 15, wherein deriving 
the n e twork performance index of the rogue user and each islands comprising 

determining a minimum values of each performance parameter in the spatial 
performance model; 

normalizing the values of each performance pai'ameter in the spatial performance 
model and the acquired collected p erformance parameters of the rogue user to obtain the 
rank numbers; 

obtaining the differences between the rank numbers of performance parameters in 
the spatial performance model and the acquired collected performance parameters of the 
rogue user: and 

summing the differences for each island to obtain the network performance index. 
Claim 19 (cancelled). 
Claim 20 (cancelled). 
Claim 21 (cancelled). 
Claim 22 (cancelled). 
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Claim 23 (currently amended) The method according to claim 4:6 15, wherein deriving of 
the at least one performance index comprising dynamically re-mapping the islands 
previously mapped based on a current performance index of each island at time intervals. 

Claim 24 (cancelled). 

Claim 25 (cancelled). 

Claim 26 (cancelled). 

Claim 27 (currently amended) The method according to claim 15, wherein the 
performance parameters includes variables defined at any of a physical layer, a network 
layer, an application layer and a data link layer. 

Claim 28 (previously presented) The method according to claim 27, wherein the physical 
layer includes any or all of signal strength, noise power and signal-to-noise ratio. 

Claim 29 (previously presented) The method according to claim 27, wherein the network 
layer includes any or all of ping response time, packet round-trip time, packet loss rate 
and propagation delay times. 

Claim 30 (previously presented) The method according to claim 27, wherein the 
application layer includes any or all of transactions responses, applications responses and 
end-to-end delay times. 

Claim 3 1 (previously presented) The method according to claim 27, wherein the data link 
layer includes any or all of link utilization, frame loss rate, number of error frames and 
throughput rate. 

Claim 32 (cancelled). 
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Claim 33 (previously presented) The method according to claim 15, wherein the 
performance parameters include any of distance from access point, number of wireless 
users, network topology, building material used and time of day. 

Claim 34 (currently amended) A wireless computer network system for bein^ capable of 
detecting and geographically locating a rogue user accessing-a the wireless computer 
network, having - at - least one wireless aee es s-point wirelessly, the system comprising: 
a server computer system with a computer readable medium: and 
a plurality of wireless access points via which wireless computer workstations 
access the server computer system: 

wherein the computer readable medium is embedded with computer executable 
programs including: 

a Network Management System (NMS) program for collecting Media Access 
Control (MAC). Internet Protocol (IP) addresses of computer workstations and access 
points connected onto the network, and the performance chai-acterxstics of the computer 
workstations and access points: 

a program for detecting a rogue user bv comparing the collected MAC and IP 
addresses with a reference set of valid addresses of authorized users, wherein a user with 
addresses not on the reference set is considered as the rogue user: 

a program for determining the neai^est wireless access point serving the rogue user 
by perform in g a logical AND operation between the collected IP address and the subnet 
mask of the rogue user: 

a program for determining the geographical location of the rogue user with 
reference to the nearest wireless access point by a ranking algorithm that derives at least 
one performance index for the rogue user from the collected performance characteristics 
of the rogue user and compares the performance index of the rogue user with the average 
of the reference performance indices of each island mapped near the nearest access point 
in a spatial performance model pertinent to the time of day of detection: 
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wherein the spatial performance model having a plurality of islands is constructed 
dyn a mically by a program com prisin g: 

collecting and mappinig out t he performance characteristics of wireless 
computer workstations in the plui^alitv of islands in the area covered bv the wireless 
access points of the network; 

measuring at least one network performance parameter of the performance 
characteristics for each island, wherein each island shares the same performance 
characteristics: and 

deriving a performance index for each island based on the at least one 
performance parameter to obtain the spatial performance model: and 

a program for alerting the administer of the network f or taking security measures 
against the located ro^zue user . 

a ne t w or k manag e n ^ ent system residing on a computer s yst em - of the wi - F elees 

computer network, the network management system-Qperationally detects users acc essi^ 
to the wireless comput e r network and acquires one or mor e p o rformanee parameters of 
the users; 

a spatial performance model d e fining a plurality of islands of p e rformanc e 

parameters, the performance parameters ar e obtained through pre collecting and pre - 

mapping over a goographical-ai'ea covered by the wireless co mp ut e r nctwork -- 

wherein the n e twork management system operat i onally - d e tects- users and 

identifi e s at least - a MAC addres s and-lP-addiNgss of the users and acquiring at l e ast one 
performance parameter of the users, the syst e m is opemble - to - map and match the at least 
ene-p e i - fermance parameter acquired for the user on the spatial porfermanee model to 
identify a match e d island f e r - eaeh uset v thereby identifying a geograph ical location of t h e 
use r through th e matched island. 

Claim 35 (cancelled). 

Claim 36 (cancelled). 
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Claim 37 (currentfy amended) The system - network according to claim 3^ 34, wliereiii the 
network performance index ia a sum of ranl c niimber-of each island, vvhore t B t he r ank 

number is obtain e d through normtalizing the acqiured - pei = formanco p a ra meters by a 

dilYeren c es betwee n t h e aequH - ed — performance parameters of the user and the 
pe r f ormance parameters in the spatial-p e rformance modeL of the rogue user and each 
island, comprising: 

obtaining differences between the collected performance parameters of the rogue 

user and the performance parameters in the spatial performance model; 
determining a minimum value for each difference: 

normalizing the acquired performance parameters for each difference to obtain a 

rank number: and 

summing the rank number for each island to obtain the performance index. 

Claim 38 (currently amended) The syste m network according to claim ^ 34, wherein the 
network performance index is a sum - of differences of rank numbers of performance 
parameters in the spatial performance m o del and the acquired performance parameters of 
the user, of which, - the p e rf o rmance parameters of t h e spatial performance model and the 
users are normalized by a minimum-values of each performan e e - paj^ameter in the spatial 
performance mQd e i -of the rogue user and each island, comprising 

determining a mimmum values of each performance parameter in the spatial 

performance model: 

normalizing the values of each performance parameter in the spatial performance 

model and the collected performance parameters of the rogue user to obtain the rank 
numbers: 

obtaining the differences between the rank numbers of performance parameters in 

the spatial performance model and the collected performance parameters of the rogue 
user: and 

summing the differences for each island to obtain the performance index. 
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Claim 39 (cancelled). 
Claim 40 (cancelled). 

Claim 41 (currently amended) The sy s tem network according to claim 34, wherein the 
islands previously mapped are dynamically re-mapped based on a current performance 
index of each island at time intervals. 

Claim 42 (cancelled). 

Claim 43 (currently amended) The sj^stem network according to claim 34, wherein the 
performance parameters includes variables defined at any of a physical layer, a network 
layer, an application layer and a data link layer. 

Claim 44 (currently amended) The method network according to claim 34, wherein the 
physical layer includes any or all of signal strength, noise power and signal-to-noise ratio. 

Claim 45 (currently amended) The me thod network according to claim 44 43, wherein 
the network layer includes any or all of ping response time, packet round-trip time, 
packet loss rate and propagation delay times. 

Claim 46 (currently amended) The me thod network according to claim 44 43, wherein 
the application layer includes transactions responses, applications responses and end-to- 
end delay times. 

Claim 47 (currently amended) The metho d network according to claim 44 43, wherein 
the data link layer includes any of link utilization, frame loss rate, number of eiTor fmmes 
and throughput rate. 
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Claim 48 (currently amended) The method network according to claim 34, wherein the 
spatial performance model differs at a particular period of the day. 

Claim 49 (currently amended) The method network according to claim 34, wherein the 
performance parameters include any of distance from access point, number of wireless 
users, network topology, building material used and time of day. 
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